gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-24 03:58:12 -08:00
Code Issues Packages Projects Releases Wiki Activity

fix(java): fix groupID selection by ArtifactID for jar files. (#3644)

Browse Source
This commit is contained in:
DmitriyLewen
2023-02-18 10:07:08 +03:00
committed by GitHub
parent fe7c26a741
commit d856595b8e
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/javadb/client.go
View File

@@ -6,6 +6,7 @@ import (
"fmt"
"os"
"path/filepath"
"sort"
"time"
"golang.org/x/xerrors"
@@ -142,6 +143,9 @@ func (d *DB) SearchByArtifactID(artifactID string) (string, error) {
} else if len(indexes) == 0 {
return "", xerrors.Errorf("artifactID %s: %w", artifactID, jar.ArtifactNotFoundErr)
}
sort.Slice(indexes, func(i, j int) bool {
return indexes[i].GroupID < indexes[j].GroupID
})
// Some artifacts might have the same artifactId.
// e.g. "javax.servlet:jstl" and "jstl:jstl"
@@ -157,6 +161,7 @@ func (d *DB) SearchByArtifactID(artifactID string) (string, error) {
var groupID string
for k, v := range groupIDs {
if v > maxCount {
maxCount = v
groupID = k
}
}